{
  "name": "Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications",
  "slug": "threat-actors-chained-vulnerabilities-in-ivanti-cloud-service-applications",
  "description": "The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory in response to exploitation in September 2024 of vulnerabilities in Ivanti Cloud Service Appliances (CSA): CVE-2024-8963, an administrative bypass vulnerability; CVE-2024-9379, a SQL injection vulnerability; and CVE-2024-8190 and CVE-2024-9380, remote code execution vulnerabilities.",
  "published": "2025-01-24T13:18:10+00:00",
  "created_at": "2025-01-24T13:18:10+00:00",
  "modified_at": "2025-01-24T13:54:07+00:00",
  "created_at_opencti": "2025-01-24T13:18:10+00:00",
  "author": "",
  "confidence": null,
  "report_types": [],
  "labels": [],
  "tags": [
    "2025-01-24",
    "cisa",
    "ivanti"
  ],
  "related_entities": {
    "observables": [
      {
        "id": "",
        "name": "98.98.54.209"
      },
      {
        "id": "",
        "name": "67.217.228.83"
      },
      {
        "id": "",
        "name": "64.176.49.160"
      },
      {
        "id": "",
        "name": "45.33.101.53"
      },
      {
        "id": "",
        "name": "216.73.162.56"
      },
      {
        "id": "",
        "name": "203.160.72.174"
      },
      {
        "id": "",
        "name": "185.220.69.83"
      },
      {
        "id": "",
        "name": "185.199.103.196"
      },
      {
        "id": "",
        "name": "163.5.171.49"
      },
      {
        "id": "",
        "name": "155.138.215.144"
      },
      {
        "id": "",
        "name": "142.171.217.195"
      },
      {
        "id": "",
        "name": "142.11.217.3"
      },
      {
        "id": "",
        "name": "134.195.90.71"
      },
      {
        "id": "",
        "name": "108.174.199.200"
      },
      {
        "id": "",
        "name": "104.168.133.228"
      },
      {
        "id": "",
        "name": "136.144.17.133"
      },
      {
        "id": "",
        "name": "216.131.75.53"
      },
      {
        "id": "",
        "name": "89.187.178.179"
      },
      {
        "id": "",
        "name": "203.160.86.69"
      },
      {
        "id": "",
        "name": "107.173.89.16"
      },
      {
        "id": "",
        "name": "38.207.159.76"
      },
      {
        "id": "",
        "name": "208.105.190.170"
      },
      {
        "id": "",
        "name": "156.234.193.18"
      },
      {
        "id": "",
        "name": "23.236.66.97"
      },
      {
        "id": "",
        "name": "188.172.229.15"
      },
      {
        "id": "",
        "name": "cri07nnrg958pkh6qhk0yrgy1e76p1od6.oast.fun"
      },
      {
        "id": "",
        "name": "cri07nnrg958pkh6qhk0977u8c83jog6t.oast.fun"
      },
      {
        "id": "",
        "name": "4b16ea1b1273f8746cf399c71bfc1f5bff7378b5414b4ea044c55e0ee08c89d3"
      }
    ],
    "attack_patterns": [
      {
        "id": "3da78f6d-c968-43ce-b1f3-149ce4a042aa",
        "name": "T1556"
      },
      {
        "id": "1f2ce0cc-430c-4317-a332-83a27cbad1d3",
        "name": "T1548"
      },
      {
        "id": "3245033a-53c4-454c-873a-fb653af0bf8a",
        "name": "T1552"
      },
      {
        "id": "eb118bf2-fdf2-4b49-a470-0acabf7608ad",
        "name": "T1505"
      },
      {
        "id": "b9a3b4f8-b9c0-4ed8-bf5e-bf759b9804d6",
        "name": "T1564"
      },
      {
        "id": "dc342445-1b78-48b4-aa06-89ed2ad7c28e",
        "name": "T1071"
      },
      {
        "id": "d570881a-1f73-41ca-ad6c-fc29256c76f9",
        "name": "T1595"
      },
      {
        "id": "820fbdf8-7db2-4292-9a60-7eed3567be8d",
        "name": "T1210"
      },
      {
        "id": "c12e0e03-aab0-4646-a929-e921a3d27f02",
        "name": "T1219"
      },
      {
        "id": "0156fcda-e385-4662-b388-086c3e16feec",
        "name": "T1140"
      },
      {
        "id": "6c8f8a40-2746-4a37-86bd-81e82afa6e62",
        "name": "T1190"
      },
      {
        "id": "64cdebc9-0fb4-48f2-bf4f-b87f3741f664",
        "name": "T1068"
      },
      {
        "id": "9b6064e6-a05b-4e95-baf5-34d180bc9221",
        "name": "T1059"
      }
    ],
    "vulnerabilities": [
      {
        "id": "",
        "name": "CVE-2025-0283"
      },
      {
        "id": "",
        "name": "CVE-2025-0282"
      },
      {
        "id": "",
        "name": "CVE-2024-9380"
      },
      {
        "id": "",
        "name": "CVE-2024-9381"
      },
      {
        "id": "",
        "name": "CVE-2024-9379"
      },
      {
        "id": "",
        "name": "CVE-2024-8963"
      },
      {
        "id": "",
        "name": "CVE-2024-8190"
      }
    ]
  },
  "external_refs": [
    "https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-022a",
    "https://otx.alienvault.com/pulse/6793a122d3afae240ccc4a4d"
  ]
}